Vulnerabilities > Qbik

DATE CVE VULNERABILITY TITLE RISK
2020-06-08 CVE-2020-13866 Incorrect Default Permissions vulnerability in Qbik Wingate 9.4.1.5998
WinGate v9.4.1.5998 has insecure permissions for the installation directory, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
local
low complexity
qbik CWE-276
7.2
2009-03-04 CVE-2009-0802 Permissions, Privileges, and Access Controls vulnerability in Qbik Wingate
Qbik WinGate, when transparent interception mode is enabled, uses the HTTP Host header to determine the remote endpoint, which allows remote attackers to bypass access controls for Flash, Java, Silverlight, and probably other technologies, and possibly communicate with restricted intranet sites, via a crafted web page that causes a client to send HTTP requests with a modified Host header.
network
high complexity
qbik CWE-264
5.4
2008-08-12 CVE-2008-3606 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Qbik Wingate
Heap-based buffer overflow in the IMAP service in Qbik WinGate 6.2.2.1137 and earlier allows remote authenticated users to cause a denial of service (resource exhaustion) or possibly execute arbitrary code via a long argument to the LIST command.
network
low complexity
qbik CWE-119
6.5
2007-08-14 CVE-2007-4335 Remote Denial Of Service vulnerability in WinGate SMTP Session Invalid State
Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
network
low complexity
qbik
5.0
2006-11-28 CVE-2006-4518 Remote Denial Of Service vulnerability in Qbik WinGate
Qbik WinGate 6.1.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a DNS request with a self-referencing compressed name pointer, which triggers an infinite loop.
network
low complexity
qbik
5.0
2006-07-10 CVE-2006-2917 Directory Traversal vulnerability in Qbik Wingate 6.1.2.1094/6.1.3.1096
Directory traversal vulnerability in the IMAP server in WinGate 6.1.2.1094 and 6.1.3.1096, and possibly other versions before 6.1.4 Build 1099, allows remote authenticated users to read email of other users, or perform unauthorized operations on directories, via the (1) CREATE, (2) SELECT, (3) DELETE, (4) RENAME, (5) COPY, (6) APPEND, and (7) LIST commands.
network
low complexity
qbik
5.5
2006-06-09 CVE-2006-2926 Remote HTTP Request Buffer Overflow vulnerability in Qbik Wingate 6.1.1.1077
Stack-based buffer overflow in the WWW Proxy Server of Qbik WinGate 6.1.1.1077 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long URL HTTP request.
network
low complexity
qbik
7.5
2004-12-31 CVE-2004-0789 Denial Of Service vulnerability in Multiple Vendor DNS Response Flooding
Multiple implementations of the DNS protocol, including (1) Poslib 1.0.2-1 and earlier as used by Posadis, (2) Axis Network products before firmware 3.13, and (3) Men & Mice Suite 2.2x before 2.2.3 and 3.5.x before 3.5.2, allow remote attackers to cause a denial of service (CPU and network bandwidth consumption) by triggering a communications loop via (a) DNS query packets with localhost as a spoofed source address, or (b) a response packet that triggers a response packet.
5.0
2004-12-06 CVE-2004-0578 Unspecified vulnerability in Qbik Wingate 5.0.5/5.2.3/6.0Beta2
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files via leading slash (//) characters in a URL request to the wingate-internal directory.
network
low complexity
qbik
5.0
2004-12-06 CVE-2004-0577 Unspecified vulnerability in Qbik Wingate 5.0.5/5.2.3/6.0Beta2
WinGate 5.2.3 build 901 and 6.0 beta 2 build 942, and other versions such as 5.0.5, allows remote attackers to read arbitrary files from the root directory via a URL request to the wingate-internal directory.
network
low complexity
qbik
5.0